OpenID Connect (OIDC)

An authentication protocol built on top of OAuth 2.0. It provides a standardized way to perform user authentication and authorization, while also providing additional features such as user profile information and session management.

OpenID Connect allows users to authenticate using their existing credentials from an OpenID Connect provider (OP), such as Google, Facebook, or Microsoft. When a user logs in, the OP issues an ID token, which contains information about the user's identity and authentication status. The ID token is then sent to the client application, which can use it to authenticate the user and perform authorization checks.

OIDC also provides a standardized set of scopes that can be used to request additional information about the user, such as their email address or profile picture. This information can be included in the ID token or retrieved from the OP's user info endpoint.

Support: perun@cesnet.cz